US11868485B2 - Operation method, operation apparatus, and device - Google Patents

Operation method, operation apparatus, and device Download PDF

Info

Publication number
US11868485B2
US11868485B2 US17/568,967 US202217568967A US11868485B2 US 11868485 B2 US11868485 B2 US 11868485B2 US 202217568967 A US202217568967 A US 202217568967A US 11868485 B2 US11868485 B2 US 11868485B2
Authority
US
United States
Prior art keywords
processing circuit
secret information
scheduling
scheduling instruction
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US17/568,967
Other languages
English (en)
Other versions
US20220129565A1 (en
Inventor
Qinglong ZHANG
Qianying Tang
Wangchen Dai
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Assigned to HUAWEI TECHNOLOGIES CO., LTD. reassignment HUAWEI TECHNOLOGIES CO., LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: DAI, Wangchen, TANG, Qianying, Zhang, Qinglong
Publication of US20220129565A1 publication Critical patent/US20220129565A1/en
Application granted granted Critical
Publication of US11868485B2 publication Critical patent/US11868485B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response

Definitions

  • the embodiments relate to the field of computer technologies, and in particular, to an operation method, an operation apparatus, and a device.
  • data processing is usually coordinately performed by a software processing circuit and a hardware processing circuit.
  • the data processing usually includes a plurality of types of operations, such as a point multiplication operation, a point addition operation, a point doubling operation, and a modular addition operation.
  • the software processing circuit usually generates, based on secret information, a scheduling instruction corresponding to each operation, and the hardware processing circuit executes the scheduling instruction to complete the corresponding operation.
  • the secret information is leaked, and consequently operation security is relatively low.
  • An operation method, an operation apparatus, and a device improve operation security.
  • an embodiment provides an operation method that is applied to an operation system.
  • the operation system includes a software processing circuit, a hardware processing circuit, and a storage circuit.
  • the software processing circuit is configured to work by executing a software program.
  • the storage circuit stores secret information.
  • the software processing circuit obtains an operation task, and generates, based on the operation task, one or more scheduling instructions corresponding to the operation task, where the operation task includes performing one or more operations, and each scheduling instruction includes an operation type of one operation and a flag bit; and the software processing circuit sends the one or more scheduling instructions to the hardware processing circuit, and the hardware processing circuit obtains the secret information from the storage circuit when the flag bit in the scheduling instruction is a valid value, determines, based on the secret information, data addresses of one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction, and obtains the one or more pieces of operation data based on the data addresses to complete the operation corresponding to each scheduling instruction, to complete the operation task.
  • the software processing circuit After the software processing circuit obtains the operation task, the software processing circuit generates the one or more scheduling instructions based on the operation task, and a process in which the software processing circuit generates the scheduling instruction does not rely on the secret information.
  • the hardware processing circuit may execute the corresponding operation based on the scheduling instruction and the secret information. Because the process in which the software processing circuit generates the scheduling instruction does not rely on the secret information, the software processing circuit is prevented from obtaining the secret information, so that secret information leakage caused when the software processing circuit is attacked by software can be prevented, thereby improving operation security.
  • the data addresses of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction may be determined based on the secret information in the following feasible implementation: obtaining preset first relationships, where the first relationships are operation relationships between registers configured to store the one or more pieces of operation data and the secret information; determining the registers based on the first relationships and the secret information; and determining addresses of the registers as the data addresses.
  • the registers can be determined based on the operation relationships and the secret information, and then the data addresses of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction can be determined based on the addresses of the registers.
  • the one or more pieces of operation data include a first source operand and a target operand
  • the data addresses that are of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction and that are determined based on the secret information include a data address of the first source operand and a data address of the target operand.
  • the operation task is a point multiplication operation task or a modular exponentiation operation task; and the scheduling instruction further includes a loop quantity i, where i is a quantity of times that the operation is currently performed in the operation task, i is an integer from 0 to N ⁇ 1, and N is a binary length of the secret information; and correspondingly, the first relationships are relationships between identifiers of the registers and a value of an i th bit in the secret information.
  • an operation included in the operation task is a loop operation
  • the loop quantity i is set in the scheduling instruction, so that the quantity of times that the operation is currently performed can be determined by using the loop quantity i in the scheduling instruction.
  • that the software processing circuit generates, based on the operation task, one or more scheduling instructions corresponding to the operation task includes: when determining that a data address related to the secret information exists in data addresses of one or more pieces of operation data required for an operation, the software processing circuit sets a flag bit in a scheduling instruction corresponding to the operation to the valid value; or when determining that no data address related to the secret information exists in data addresses of one or more pieces of operation data required for an operation, the software processing circuit sets a flag bit in a scheduling instruction corresponding to the operation to an invalid value.
  • the flag bit is set in the scheduling instruction, and a value of the flag bit in the scheduling instruction is set to the valid value or the invalid value based on an actual operation status.
  • the hardware processing circuit can determine, based on the value of the flag bit in the scheduling instruction, whether the data addresses of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction need to be determined based on the secret information, so that the hardware processing circuit can perform a correct operation.
  • the operation type is a modular multiplication operation or a modular addition operation.
  • the secret information is a private key in an RSA algorithm; or the secret information is a random number in elliptic curve cryptography.
  • an embodiment provides an operation apparatus, including a software processing circuit, a hardware processing circuit, and a storage circuit.
  • the software processing circuit is configured to work by executing a software program.
  • the storage circuit stores secret information.
  • the software processing circuit is configured to obtain an operation task, where the operation task includes performing one or more operations.
  • the software processing circuit is configured to generate, based on the operation task, one or more scheduling instructions corresponding to the operation task, where each scheduling instruction includes an operation type of one operation and a flag bit.
  • the hardware processing circuit is configured to: after receiving the one or more scheduling instructions, obtain the secret information from the storage circuit when the flag bit in the scheduling instruction is a valid value, determine, based on the secret information, data addresses of one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction, and obtain the one or more pieces of operation data based on the data addresses to complete the operation corresponding to each scheduling instruction, to complete the operation task.
  • the hardware processing circuit is configured to:
  • the one or more pieces of operation data include a first source operand and a target operand
  • the data addresses that are of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction and that are determined based on the secret information include a data address of the first source operand and a data address of the target operand.
  • the operation task is a point multiplication operation task or a modular exponentiation operation task; and the scheduling instruction further includes a loop quantity i, where i is a quantity of times that the operation is currently performed in the operation task, i is an integer from 0 to N ⁇ 1, and N is a binary length of the secret information; and
  • the software processing circuit is configured to:
  • the operation type is a modular multiplication operation or a modular addition operation.
  • the secret information is a private key in an RSA algorithm
  • a storage medium is configured to store a computer program, and the computer program is used to implement the operation method according to any implementation of the first aspect.
  • an embodiment further provides a chip or an integrated circuit, including: a storage medium and a processor.
  • the storage medium is configured to store program instructions, and sometimes, is further configured to store intermediate data.
  • the processor is configured to invoke the program instructions stored in the storage medium, to implement the operation method described in any implementation of the first aspect.
  • an embodiment further provides a program product.
  • the program product includes a computer program.
  • the computer program is stored in a storage medium, and the computer program is used to implement the operation method described in any implementation of the first aspect.
  • the embodiments provide the operation method, the operation apparatus, and the device.
  • the operation system may include the software processing circuit and the hardware processing circuit. After obtaining the operation task, the software processing circuit generates the one or more scheduling instructions based on the operation task, and the process in which the software processing circuit generates the scheduling instruction does not rely on the secret information.
  • the hardware processing circuit may execute the corresponding operation based on the scheduling instruction and the secret information. Because the process in which the software processing circuit generates the scheduling instruction does not rely on the secret information, the software processing circuit is prevented from obtaining the secret information, so that secret information leakage caused when the software processing circuit is attacked by software can be prevented, thereby improving operation security.
  • FIG. 1 is a schematic diagram of an operation method according to an embodiment
  • FIG. 2 is a diagram of an architecture of an operation system according to an embodiment
  • FIG. 3 is a schematic flowchart of an operation method according to an embodiment
  • FIG. 4 A is a schematic diagram of a scheduling instruction according to an embodiment
  • FIG. 4 B is a schematic diagram of another scheduling instruction according to an embodiment
  • FIG. 5 is a schematic diagram of an operation system according to an embodiment
  • FIG. 6 is a schematic flowchart of another operation method according to an embodiment
  • FIG. 7 is a schematic generation diagram of a scheduling instruction according to an embodiment
  • FIG. 8 A is a schematic diagram of another scheduling instruction according to an embodiment
  • FIG. 8 B is a schematic diagram of another scheduling instruction according to an embodiment.
  • FIG. 9 is a schematic diagram of a structure of an operation apparatus according to an embodiment.
  • Public key algorithm The public key algorithm uses asymmetric encryption. Data encryption/decryption, data signature/signature verification, and the like may be implemented by using the public key algorithm. A pair of keys usually needs to be used in the public key algorithm, and data encryption/decryption, data signature/signature verification, and the like can be implemented only by using a pair of keys.
  • Common public key algorithms include an RSA (Rivest-Shamir-Adleman) algorithm, elliptic curve cryptography (ECC), SM2 elliptic curve public key cryptography, an ElGamal algorithm, a backpack algorithm, and the like.
  • a password pair includes a private key and a public key.
  • the private key is secret information, the private key is usually held by a key pair owner, and the private key needs to be kept secret.
  • the public key is public information, and the public key is usually published by the key pair holder to another person, and the public key does not need to be kept secret.
  • Public key digital signature/signature verification During digital signature of a message, the message is digitally signed by using a private key. During verification of a digital signature, the digital signature is verified by using a private key.
  • the public key algorithm operation is an operation in a public key algorithm.
  • the operation may include at least one of a modular multiplication operation, a modular addition operation, a modular exponentiation operation, a point addition operation, a point multiplication operation, or a point doubling operation.
  • a private key may need to be used in a process of performing the operation.
  • FIG. 1 is a schematic diagram of an operation method according to an embodiment.
  • a first device and a second device are included, and the first device and the second device each may be a terminal device, a network device, or the like.
  • the first device may be a server-side device, and the second device may be a terminal device.
  • the first device may send identity challenge information to the second device.
  • the identity challenge information is used to request to verify the identity of the second device.
  • the second device After receiving the identity challenge information, the second device performs a public key signature operation on the identity challenge information by using a private key of the second device, to obtain a digital signature result, and sends the digital signature result to the first device.
  • the first device verifies the digital signature result by using a public key of the second device.
  • the public key signature operation performed by the second device on the identity challenge information by using the private key of the second device improves security of the private key of the second device.
  • FIG. 1 shows only one possible scenario.
  • the embodiments may be applied to another scenario. This is not limited in the embodiments.
  • FIG. 2 is a diagram of an architecture of an operation system according to an embodiment.
  • the operation system may be deployed in any electronic device.
  • the operation system may be deployed in the second device shown in the embodiment in FIG. 1 .
  • the operation system includes a processor 201 , a public key engine (PKE) 202 , a communications component 203 , a memory 204 , a bus 205 , and the like.
  • the PKE 202 is mounted on the bus 205 in a form of an intellectual property (IP) core.
  • IP intellectual property
  • the PKE 202 may include a hardware circuit, a storage medium, and the like.
  • the hardware circuit may include a logical determining circuit, a logical operation circuit, or the like.
  • the storage medium may include a register, a RAM, or the like. An operand for an operation can be stored in the register.
  • the communications component 203 may include a transmitter and/or a receiver. The operation system may communicate with another device by using the communications component 203 , for example, receive information from another device, and/or send information to another device.
  • the memory 204 may store a public key algorithm and a related driver that drives execution of the public key algorithm.
  • the memory 204 may be a flash memory.
  • the processor 201 can execute the public key algorithm in the memory 204 .
  • the processor 201 may generate a scheduling instruction based on the public key algorithm stored in the memory 204 , and the hardware circuit in the PKE 202 performs an operation on an operand in the storage medium (for example, a register) based on the scheduling instruction.
  • the storage medium for example, a register
  • the operation system may include a software processing circuit and a hardware processing circuit.
  • a processing process of the software processing circuit relies on the processor 201 that supports an instruction set, for example, an x86 processor or an ARM processor, that is, a function of the software processing circuit is implemented by using the processor 201 .
  • the hardware processing circuit may include the components shown in the PKE 202 in the embodiment in FIG. 2 .
  • the hardware processing circuit may be implemented based on an integrated circuit (such as an ASIC or an FPGA) or a discrete element. In practice, to achieve better performance, the hardware processing circuit is usually implemented by using an integrated circuit.
  • the software processing circuit In the process of performing the public key algorithm operation, the software processing circuit generates a scheduling instruction, and a process in which the software processing circuit generates the scheduling instruction does not rely on secret information (for example, a private key).
  • the hardware processing circuit performs an operation on an operand in a corresponding register based on the scheduling instruction.
  • the software processing circuit because the process in which the software processing circuit generates the scheduling instruction does not rely on the secret information, the software processing circuit is prevented from obtaining the secret information, so that secret information leakage caused when the software processing circuit is attacked by software can be prevented, thereby improving operation security.
  • FIG. 3 is a schematic flowchart of an operation method according to an embodiment.
  • the method may be applied to an operation system.
  • the operation system includes a software processing circuit, a hardware processing circuit, and a storage circuit.
  • the storage circuit stores secret information.
  • the method may include the following steps.
  • the software processing circuit obtains an operation task, where the operation task includes performing one or more operations.
  • the operation task may be a point multiplication operation task, a modular exponentiation operation task, or the like.
  • the operation included in the operation task may be a modular multiplication operation and/or a modular addition operation.
  • the software processing circuit in the operation system can obtain the operation task.
  • the following example describes a manner in which the software processing circuit obtains the operation task.
  • an RSA signature process may include the following steps:
  • Step 1 Encode a to-be-signed message.
  • the encoding may be public key cryptography standards (PKCS) 1_v1_5 encoding.
  • PKCS public key cryptography standards
  • Step 2 Perform a modular exponentiation operation on encoded data M to obtain a data signature result, where the modular exponentiation operation is M d , and d is a private key.
  • a pseudocode corresponding to step 2 may be shown as follows:
  • the software processing circuit in the operation system may obtain a modular exponentiation operation task.
  • the software processing circuit generates, based on the operation task, one or more scheduling instructions corresponding to the operation task.
  • One operation in the operation task corresponds to one or more instructions.
  • an operation is a loop operation
  • the operation corresponds to a plurality of scheduling instructions.
  • the operation is a loop operation, and a value of i is successively 0 to N ⁇ 1.
  • the operation corresponds to one scheduling instruction.
  • the operation corresponds to one scheduling instruction.
  • the operation corresponds to one scheduling instruction.
  • the operation corresponds to one scheduling instruction.
  • Each scheduling instruction includes an operation type of one operation and a flag bit.
  • the operation type included in the scheduling instruction may be a modular multiplication operation, a modular addition operation, or the like.
  • the flag bit may be a valid value, or may be an invalid value.
  • the valid value may be 1, and the invalid value may be 0.
  • the valid value may be 0, and the invalid value may be 1.
  • the valid value and the invalid value may be other values. This is not limited in this embodiment.
  • the software processing circuit When determining that a data address related to the secret information exists in data addresses of one or more pieces of operation data required for an operation, the software processing circuit sets a flag bit in a scheduling instruction corresponding to the operation to the valid value.
  • data addresses of one or more of pieces of operation data required for an operation may be related to the secret information.
  • the software processing circuit When determining that no data address related to the secret information exists in data addresses of one or more pieces of operation data required for an operation, the software processing circuit sets a flag bit in a scheduling instruction corresponding to the operation to the invalid value.
  • the secret information shown in this embodiment is information that needs to be kept secret and that needs to be used when the operation in the operation task is performed.
  • the secret information may be a private key in an RSA algorithm, or the secret information may be a random number in elliptic curve cryptography.
  • a flag bit in a scheduling instruction that corresponds to the operation and that is generated by the software processing circuit is the invalid value, and the software processing circuit may further determine, based on the operation, that an operation type is modular multiplication.
  • the scheduling instruction usually further includes three address fields, and values in the three address fields respectively represent an address of a target register (a target address), an address of a first source register (a first source address), and an address of a second source register (a second source address).
  • Data in the first source register is a first source operand
  • data in the second source register is a second source operand.
  • the operation T[ ⁇ ki]*T[2] mod N is performed based on data in the first source register (T[ ⁇ ki]) and the second source register (T[2]), to obtain an operation result, and the operation result is written into the target register T[ ⁇ ki].
  • a scheduling instruction generated based on an operation in the operation task may further include a loop quantity i, where i is a quantity of times that the operation is currently performed in the operation task, i is an integer from 0 to N ⁇ 1, and N is a binary length of the secret information.
  • i is a quantity of times that the operation is currently performed in the operation task
  • i is an integer from 0 to N ⁇ 1
  • N is a binary length of the secret information.
  • the scheduling instruction may further include the constant operand.
  • the scheduling instruction may further include the constant operand.
  • the operation includes the constant operand N, and therefore the scheduling instruction may include the constant operand N.
  • FIG. 4 A is a schematic diagram of a scheduling instruction according to an embodiment.
  • the scheduling instruction includes the following fields: an operation type, a flag bit, a loop quantity, an operation constant, a target address, a source address 2 , and a source address 1 .
  • a value of the operation type field is an identifier of a modular multiplication operation
  • a value of the flag bit field is 1
  • a value of the loop quantity field is i (a value of i is 0 to N ⁇ 1)
  • a value of the operation constant field is N
  • a value of the target address field is a preset fill-in value
  • a value of the source address 2 field is an address of a register T[2]
  • a value of the source address 1 field is the preset fill-in value.
  • FIG. 4 B is a schematic diagram of another scheduling instruction according to an embodiment.
  • the scheduling instruction includes the following fields: an operation type, a flag bit, a loop quantity, an operation constant, a target address, a source address 2 , and a source address 1 .
  • a value of the operation type field is an identifier of a modular multiplication operation
  • a value of the flag bit field is 0
  • a value of the loop quantity field is i (a value of i is 0 to N ⁇ 1)
  • a value of the operation constant field is N
  • a value of the target address field is an address of a register T[2]
  • a value of the source address 2 field is the address of the register T[2]
  • a value of the source address 1 field is the address of the register T[2].
  • the hardware processing circuit After receiving the one or more scheduling instructions, the hardware processing circuit obtains the secret information from a storage circuit when the flag bit in the scheduling instruction is the valid value.
  • the software processing circuit After the software processing circuit generates the scheduling instruction, the software processing circuit sends the scheduling instruction to the hardware processing circuit.
  • the software processing circuit may generate the scheduling instructions in a specific order based on the actual operations in the operation task and send the generated scheduling instructions to the hardware processing circuit.
  • the hardware processing circuit also executes the scheduling instructions in the sequence of the scheduling instructions.
  • the software processing circuit sends the scheduling instructions to the hardware processing circuit in the generation sequence of the scheduling instructions.
  • the hardware processing circuit executes the scheduling instruction in a sequence in which the scheduling instructions are received.
  • the hardware processing circuit determines, based on the secret information, data addresses of one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction, and obtains the one or more pieces of operation data based on the data addresses to complete the operation corresponding to each scheduling instruction, to complete the operation task.
  • the hardware processing circuit may determine, in the following feasible implementation, the data addresses of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction: obtaining preset first relationships, where the first relationships are operation relationships between registers configured to store the one or more pieces of operation data and the secret information; determining the registers based on the first relationships and the secret information; and determining addresses of the registers as the data addresses.
  • the first relationships may be operation relationships between identifiers of the registers and the secret information.
  • the identifiers of the registers may be determined based on the first relationship and the secret information, and the addresses of the registers corresponding to the identifiers of the registers may be determined as the data addresses.
  • a binary private key is 01100100
  • the foregoing illustrates the first relationship only in an example form and constitutes no limitation on the first relationship.
  • the first relationship may be set based on an actual requirement. This is not limited in this embodiment.
  • the operation system may include the software processing circuit and the hardware processing circuit. After obtaining the operation task, the software processing circuit generates the one or more scheduling instructions based on the operation task, and a process in which the software processing circuit generates the scheduling instruction does not rely on the secret information.
  • the hardware processing circuit may execute the corresponding operation based on the scheduling instruction and the secret information. Because the process in which the software processing circuit generates the scheduling instruction does not rely on the secret information, the software processing circuit is prevented from obtaining the secret information, so that secret information leakage caused when the software processing circuit is attacked by software can be prevented, thereby improving operation security.
  • FIG. 5 is a schematic diagram of an operation system according to an embodiment.
  • the operation system includes a software processing circuit and a hardware processing circuit.
  • An execution process of the software processing circuit relies on a central processing unit (CPU).
  • the software processing circuit includes operation functions of a plurality of operations and an instruction generation unit. After obtaining an operation task, the software processing circuit may generate a scheduling instruction based on the operation task and the operation functions. A process in which the software processing circuit generates the scheduling instruction does not need to rely on secret information. If values of some fields (addresses of registers) in the scheduling instruction are related to the secret information, the values of the fields each are filled with a preset fill-in value, and a value of a flag bit is set to a valid value, to indicate that the scheduling instruction has no complete true information, and the complete true information needs to be determined by the hardware processing circuit with reference to the secret information.
  • the software processing circuit may further set a loop quantity, an operation constant, or the like in the scheduling instruction. After generating the scheduling instruction, the software processing circuit sends the scheduling instruction to the hardware processing circuit.
  • the hardware processing circuit includes an instruction parsing circuit and may parse the received scheduling instruction by using the instruction parsing circuit.
  • an instruction parsing circuit may parse the received scheduling instruction by using the instruction parsing circuit.
  • control circuit may further obtain an operation type (for example, a modular multiplication operation or a modular addition operation) obtained after the parsing; obtain a method that corresponds to the operation type and that is used to obtain the true values of the fields based on the secret information; obtain the true values of the fields based on the method, to determine the complete true information in the scheduling instruction; and schedule an underlying operator module and a RAM based on the complete true information in the scheduling instruction, to complete an operation corresponding to the scheduling instruction.
  • Each underlying operator circuit may be alternatively implemented by using a hardware circuit, and the RAM is configured to store an intermediate value.
  • FIG. 6 is a schematic flowchart of another operation method according to an embodiment. The method may include the following steps.
  • a software processing circuit obtains an operation task.
  • the operation task includes performing one or more operations.
  • the software processing circuit generates, based on the operation task, one or more scheduling instructions corresponding to the operation task.
  • each scheduling instruction may include an operation type of one operation, a flag bit, a target address, a first source address, and a second source address.
  • the scheduling instruction When the operation is a loop operation, the scheduling instruction further includes a loop quantity i.
  • the scheduling instruction When the operation relates to a constant operand, the scheduling instruction further includes the constant operand.
  • the software processing circuit sends the one or more scheduling instructions to a hardware processing circuit.
  • the hardware processing circuit processes the received scheduling instructions in a same process.
  • the following provides descriptions by using, as an example, a process in which the hardware processing circuit processes any received scheduling instruction.
  • the hardware processing circuit obtains a value of a flag bit from the scheduling instruction.
  • the hardware processing circuit obtains a preset first relationship when determining that the flag bit in the scheduling instruction is the valid value.
  • the first relationship is an operation relationship between a register and secret information.
  • an identifier of the register may be obtained through calculation based on the secret information and the first relationship.
  • an algorithm (software code) corresponding to the operation task may be obtained, and the first relationship may be obtained based on the algorithm corresponding to the operation task.
  • a correspondence between an operation type and the first relationship may be preset in the hardware processing circuit.
  • the first relationship may be obtained based on the operation type and the correspondence.
  • the first relationship is a relationship between the identifier of the register and a value of an i th bit in the secret information.
  • the hardware processing circuit determines, based on the first relationship and the secret information, the identifier of the register related to the secret information, and determines, based on the identifier of the register, an address of the register related to the secret information.
  • the register related to the secret information is a register whose data address is related to the secret information.
  • the identifier of the register may be a number of the register.
  • an identifier of a register T[0] is 0, an identifier of a register [1] is 1, and an identifier of a register [2] is 2.
  • the address of the register is an actual physical address of the register.
  • a correspondence between the identifier of the register and the address of the register may be preset, and the address of the register may be determined based on the identifier of the register and the correspondence.
  • the hardware processing circuit determines an address field of the register related to the secret information from the scheduling instruction.
  • the algorithm (software code) corresponding to the operation task may be obtained, and the address field of the register may be determined based on the algorithm corresponding to the operation task.
  • address fields of registers related to secret information are a target address field and a first source address field.
  • the hardware processing circuit updates a value of the address field of the register related to the secret information in the scheduling instruction to the address of the register related to the secret information.
  • the address of the register related to the secret information in the scheduling instruction received by the hardware processing circuit is a preset fill-in value, and the preset fill-in value is not a true address of the register. Therefore, after the value of the address field of the register related to the secret information is updated, an address of each register in an updated scheduling instruction can be a true address.
  • the hardware processing circuit performs a first operation based on the updated scheduling instruction.
  • the software processing circuit generates the scheduling instructions based on the operation task, and a process in which the software processing circuit generates the scheduling instruction does not rely on the secret information.
  • the hardware processing circuit may execute the corresponding operation based on the scheduling instruction and the secret information. Because the process in which the software processing circuit generates the scheduling instruction does not rely on the secret information, the software processing circuit is prevented from obtaining the secret information, so that secret information leakage caused when the software processing circuit is attacked by software can be prevented, thereby improving operation security.
  • Example 1 An RSA Signature Process is Used as an Example for Description
  • the RSA signature process may include the following steps: Step 1: Encode a to-be-signed message. Step 2: Perform a modular exponentiation operation on encoded data M to obtain a data signature result, where the modular exponentiation operation is M d , and d is a private key.
  • a pseudocode corresponding to step 2 may be shown as follows:
  • N loops may be included.
  • FIG. 7 is a schematic generation diagram of a scheduling instruction according to an embodiment.
  • an (i+1) th loop is executed. By analogy, the process does not end until the N loops are executed.
  • MM is an identifier of a modular multiplication operation
  • a value 1 of a flag bit is used to indicate that addresses of some registers need to be determined based on the secret information
  • a value (an address of T[0]) of each of a target address field and a source address 1 field is a preset fill-in value.
  • a value 0 of a flag bit is used to indicate that addresses of some registers do not need to be determined based on the secret information, and values of a target address field, a source address 1 field, and a source address 2 field each are a true address of a register.
  • the software processing circuit determines that an operation type in the operation task is a modular multiplication operation and sets a value of an operation type field to an identifier (MM) of the modular multiplication operation.
  • the software processing circuit determines that a data address related to the secret information exists in data addresses of one or more pieces of operation data required for the operation, and therefore sets a value of a flag bit field to 1. Because this operation is the first operation, a value of a loop quantity field is set to a current loop quantity 0. Because a modulus is a binary length of the secret information, and the binary length of the secret information is 8, a value of a modulus field is set to 8.
  • a value of a target address field may be filled with a preset fill-in value. Assuming that the preset fill-in value is an address of a register T[0], the value of the target address field is set to the address of the register T[0]. Because the source register 2 (T[2]) is unrelated to the secret information, a value of a source address 2 field may be set to an address of the register T[2]. Because the source register 1 (T[ ⁇ ki]) is related to the secret information, and the preset fill-in value is the address of the register T[0], a value of a source address 1 field may be set to the address of the register T[0].
  • the software processing circuit may generate the scheduling instruction.
  • the scheduling instruction may be shown in FIG. 8 A .
  • FIG. 8 A is a schematic diagram of another scheduling instruction according to an embodiment.
  • the scheduling instruction includes an operation type field, a flag bit field, a loop quantity field, a modulus field, a target address field, a source address 2 field, and a source address 1 field. A value of each field is shown in FIG. 8 A , and details are not described herein.
  • the software processing circuit After the software processing circuit generates the scheduling instruction, the software processing circuit sends the scheduling instruction to the hardware processing circuit.
  • the hardware processing circuit obtains the current loop quantity 0 from the scheduling instruction and obtains a value (0) of a 0 th bit from the secret information (01001011), and therefore the identifier of the register related to the secret information is 1. Therefore, it may be determined that the values of the target address field and the source address 1 field in the scheduling instruction are both an address of a register T[1], and the values of the target address field and the source address 1 field may be modified.
  • a modified scheduling instruction is shown in FIG. 8 B .
  • FIG. 8 B is a schematic diagram of another scheduling instruction according to an embodiment.
  • a value of a target address field is an address of a register T[1]
  • a value of a source address 1 field is the address of the register T[1].
  • the hardware processing circuit may perform a modular multiplication operation based on values of the target address field, the source address 1 field, and a source address 2 field in the scheduling instruction shown in FIG. 8 B .
  • Example 2 An Elliptic Signature Process is Used as an Example for Description
  • the elliptic signature process may include the following steps:
  • Step 1 Select a random number k, where a value range of k is [1, n ⁇ 1], n is an order of an elliptic curve, and k is secret information.
  • Step 6 Return (r, s).
  • a pseudocode corresponding to the point multiplication operation may be shown as follows:
  • N loops may be included.
  • the point addition operation needs to be implemented by using a plurality of scheduling instructions.
  • the following illustrates the plurality of scheduling instructions with reference to Table 1.
  • the point addition operation may include 28 instructions. Because the first operand P of the point addition relies on the secret information, during generation of the scheduling instructions, if addresses of X1, Y1, and Z1 are used, flag bits are all 1 (1 indicates that a register of a first type is used). A flag bit of a scheduling instruction corresponding to the calculation result (X3, Y3, Z3) of the point addition is also 1.
  • the software processing circuit After the software processing circuit generates the scheduling instruction, the software processing circuit sends the scheduling instruction to the hardware processing circuit.
  • the hardware processing circuit After receiving the scheduling instruction, the hardware processing circuit performs a corresponding operation based on the scheduling instruction.
  • a process of performing the corresponding operation is similar to the process of performing the corresponding operation in Example 1, and details are not described herein again.
  • FIG. 9 is a schematic diagram of a structure of an operation apparatus according to an embodiment.
  • An operation apparatus 10 may include a software processing circuit 11 , a hardware processing circuit 12 , and a storage circuit 13 .
  • the software processing circuit 11 is configured to work by executing a software program.
  • the storage circuit 13 stores secret information.
  • the software processing circuit 11 is configured to obtain an operation task, where the operation task includes performing one or more operations.
  • the software processing circuit 11 is configured to generate, based on the operation task, one or more scheduling instructions corresponding to the operation task, where each scheduling instruction includes an operation type of one operation and a flag bit.
  • the hardware processing circuit 12 is configured to: after receiving the one or more scheduling instructions, obtain the secret information from the storage circuit 13 when the flag bit in the scheduling instruction is a valid value, determine, based on the secret information, data addresses of one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction, and obtain the one or more pieces of operation data based on the data addresses to complete the operation corresponding to each scheduling instruction, to complete the operation task.
  • the software program may be stored in the storage circuit 13 , and the software processing circuit 11 may read the software program from the storage circuit 13 .
  • the software processing circuit 11 may perform S 301 and S 302 in the embodiment in FIG. 3 and S 601 to S 603 in the embodiment in FIG. 6 .
  • the hardware processing circuit 12 may perform S 303 and S 304 in the embodiment in FIG. 3 and S 604 to S 609 in the embodiment in FIG. 6 .
  • operation apparatus shown in the embodiments may perform the solutions shown in the foregoing method embodiments.
  • Implementation principles and beneficial effects of the operation apparatus are similar to those of the solutions, and details are not described herein again.
  • the hardware processing circuit 12 is configured to:
  • the one or more pieces of operation data include a first source operand and a target operand
  • the data addresses that are of the one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction and that are determined based on the secret information include a data address of the first source operand and a data address of the target operand.
  • the operation task is a point multiplication operation task or a modular exponentiation operation task; and the scheduling instruction further includes a loop quantity i, where i is a quantity of times that the operation is currently performed in the operation task, i is an integer from 0 to N ⁇ 1, and N is a binary length of the secret information; and
  • the software processing circuit 11 is configured to:
  • the operation type is a modular multiplication operation or a modular addition operation.
  • the secret information is a private key in an RSA algorithm
  • operation apparatus shown in the embodiments may perform the solutions shown in the foregoing method embodiments.
  • Implementation principles and beneficial effects of the operation apparatus are similar to those of the solutions, and details are not described herein again.
  • a storage medium is configured to store a computer program, and the computer program is used to implement the operation method in the foregoing embodiments.
  • An embodiment further provides a chip or an integrated circuit, including a storage medium and a processor.
  • the storage medium is configured to store program instructions, and sometimes, is further configured to store intermediate data.
  • the processor is configured to invoke the program instructions stored in the storage medium, to implement the operation method described in the foregoing.
  • the storage medium may be independent or integrated with the processor.
  • the storage medium may be further located outside of the chip or the integrated circuit.
  • An embodiment further provides a program product.
  • the program product includes a computer program.
  • the computer program is stored in a storage medium, and the computer program is used to implement the foregoing operation method.
  • All or some of the steps of the method embodiments may be implemented by hardware related to program instructions.
  • the foregoing program may be stored in a readable memory. When the program is executed, the steps in the foregoing method embodiments are performed.
  • the foregoing storage media include a read-only memory (ROM), a RAM, a flash memory, a hard disk, a solid-state drive, a magnetic tape, a floppy disk, an optical disc, and any combination thereof.
  • These computer program instructions may be provided for a general-purpose computer, a dedicated computer, an embedded processor, or a processing unit of any other programmable data processing device to generate a machine, so that instructions executed by the computer or the processing unit of any other programmable data processing device generate an apparatus for implementing a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.
  • These computer program instructions may alternatively be stored in a computer-readable memory that can indicate the computer or another programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory generate an artifact that includes an instruction apparatus.
  • the instruction apparatus implements a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.
  • These computer program instructions may alternatively be loaded on the computer or another programmable data processing device, so that a series of operations and steps are performed on the computer or another programmable device, to generate computer-implemented processing. Therefore, the instructions executed on the computer or another programmable device provide steps for implementing a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.
  • the term “including,” and a variant thereof may refer to non-limitative inclusion; the term “or” and a variant thereof may refer to “and/or”.
  • the terms “first”, “second”, and the like are intended to distinguish between similar objects but do not necessarily indicate a specific order or sequence.
  • “A plurality of” refers to two or more than two.
  • the term “and/or” describes an association relationship between associated objects and represents that three relationships may exist. For example, A and/or B may represent the following three cases: Only A exists, both A and B exist, and only B exists. The character “/” usually represents an “or” relationship between the associated objects.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
US17/568,967 2019-07-09 2022-01-05 Operation method, operation apparatus, and device Active 2040-08-30 US11868485B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201910613478.4A CN112217643B (zh) 2019-07-09 2019-07-09 运算方法、装置及设备
CN201910613478.4 2019-07-09
PCT/CN2020/100658 WO2021004454A1 (zh) 2019-07-09 2020-07-07 运算方法、装置及设备

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/100658 Continuation WO2021004454A1 (zh) 2019-07-09 2020-07-07 运算方法、装置及设备

Publications (2)

Publication Number Publication Date
US20220129565A1 US20220129565A1 (en) 2022-04-28
US11868485B2 true US11868485B2 (en) 2024-01-09

Family

ID=74048245

Family Applications (1)

Application Number Title Priority Date Filing Date
US17/568,967 Active 2040-08-30 US11868485B2 (en) 2019-07-09 2022-01-05 Operation method, operation apparatus, and device

Country Status (4)

Country Link
US (1) US11868485B2 (de)
EP (1) EP3985917A4 (de)
CN (1) CN112217643B (de)
WO (1) WO2021004454A1 (de)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220377063A1 (en) * 2021-05-19 2022-11-24 Yahoo Japan Corporation Terminal device, authentication server, authentication method, and non-transitory computer readable storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113055165A (zh) * 2021-03-11 2021-06-29 湖南国科微电子股份有限公司 一种非对称密码算法装置、方法、设备及存储介质
CN113992329B (zh) * 2021-10-28 2023-04-07 深圳前海微众银行股份有限公司 一种区块链下基于sm2的交易签名方法、装置、设备及介质
CN114650135B (zh) * 2022-04-01 2024-01-02 浙江大学 一种软硬件协同的sm2椭圆曲线密码算法实现方法

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070177721A1 (en) * 2003-07-22 2007-08-02 Fujitsu Limited Tamper-proof elliptic encryption with private key
CN101131719A (zh) 2006-08-23 2008-02-27 北京同方微电子有限公司 一种用于密码学运算的微处理器内核
US20080240443A1 (en) * 2007-03-29 2008-10-02 Hitachi, Ltd Method and apparatus for securely processing secret data
CN201181472Y (zh) 2008-02-29 2009-01-14 北京华大恒泰科技有限责任公司 硬件密钥装置和移动存储系统
US20090138948A1 (en) * 2007-05-11 2009-05-28 Danger, Inc. System and method for over the air communication authentication using a device token
CN101504599A (zh) 2009-03-16 2009-08-12 西安电子科技大学 适于数字信号处理应用的专用指令集微处理系统
US20090238360A1 (en) 2008-03-24 2009-09-24 Mathieu Ciet Exponentiation ladder for cryptography
US20110091037A1 (en) * 2009-10-16 2011-04-21 Cisco Technology, Inc. Content protection key encryptor for security providers
CN102221987A (zh) 2011-05-11 2011-10-19 西安电子科技大学 基于嵌入式专用指令集处理器的指令集编码方法
US20120137137A1 (en) * 2010-11-30 2012-05-31 Brickell Ernest F Method and apparatus for key provisioning of hardware devices
US20120321075A1 (en) 2011-06-17 2012-12-20 Marc Joye Fault-resistant exponentiationi algorithm
CN104916302A (zh) 2015-06-05 2015-09-16 浪潮集团有限公司 一种带有加密认证功能的usb移动存储
CN109067523A (zh) 2018-07-28 2018-12-21 杭州电子科技大学 一种加密卡的数据加密方法
US20220138349A1 (en) * 2019-03-18 2022-05-05 Pqshield Ltd Cryptographic architecture for cryptographic permutation

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070177721A1 (en) * 2003-07-22 2007-08-02 Fujitsu Limited Tamper-proof elliptic encryption with private key
CN101131719A (zh) 2006-08-23 2008-02-27 北京同方微电子有限公司 一种用于密码学运算的微处理器内核
US20080240443A1 (en) * 2007-03-29 2008-10-02 Hitachi, Ltd Method and apparatus for securely processing secret data
US20090138948A1 (en) * 2007-05-11 2009-05-28 Danger, Inc. System and method for over the air communication authentication using a device token
CN201181472Y (zh) 2008-02-29 2009-01-14 北京华大恒泰科技有限责任公司 硬件密钥装置和移动存储系统
US20090238360A1 (en) 2008-03-24 2009-09-24 Mathieu Ciet Exponentiation ladder for cryptography
CN101504599A (zh) 2009-03-16 2009-08-12 西安电子科技大学 适于数字信号处理应用的专用指令集微处理系统
US20110091037A1 (en) * 2009-10-16 2011-04-21 Cisco Technology, Inc. Content protection key encryptor for security providers
US20120137137A1 (en) * 2010-11-30 2012-05-31 Brickell Ernest F Method and apparatus for key provisioning of hardware devices
CN103229451A (zh) 2010-11-30 2013-07-31 英特尔公司 用于硬件设备的密钥供应的方法和装置
CN102221987A (zh) 2011-05-11 2011-10-19 西安电子科技大学 基于嵌入式专用指令集处理器的指令集编码方法
US20120321075A1 (en) 2011-06-17 2012-12-20 Marc Joye Fault-resistant exponentiationi algorithm
CN104916302A (zh) 2015-06-05 2015-09-16 浪潮集团有限公司 一种带有加密认证功能的usb移动存储
CN109067523A (zh) 2018-07-28 2018-12-21 杭州电子科技大学 一种加密卡的数据加密方法
US20220138349A1 (en) * 2019-03-18 2022-05-05 Pqshield Ltd Cryptographic architecture for cryptographic permutation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Chevallier-Mames et al., "Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity", IEEE Transactions on Computers, vol. 53, No. 6, Jun. 2004, 9 pages.

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220377063A1 (en) * 2021-05-19 2022-11-24 Yahoo Japan Corporation Terminal device, authentication server, authentication method, and non-transitory computer readable storage medium

Also Published As

Publication number Publication date
CN112217643B (zh) 2021-12-10
CN112217643A (zh) 2021-01-12
EP3985917A1 (de) 2022-04-20
US20220129565A1 (en) 2022-04-28
WO2021004454A1 (zh) 2021-01-14
EP3985917A4 (de) 2022-08-10

Similar Documents

Publication Publication Date Title
US11868485B2 (en) Operation method, operation apparatus, and device
EP4000214A1 (de) Kryptographische architektur für kryptographische permutation
US10341116B2 (en) Remote attestation with hash-based signatures
US20150350171A1 (en) Semi-deterministic digital signature generation
US20090245507A1 (en) Data processing system and data processing method
US20080240443A1 (en) Method and apparatus for securely processing secret data
CN112152792A (zh) 基于mts的相互认证的远程证明
JP7123959B2 (ja) 楕円曲線点乗算デバイス及び方法
US7218735B2 (en) Cryptography method on elliptic curves
US8184804B2 (en) Hash function using a piling-up process
KR20020091059A (ko) 중매인의 사기 가능성을 감소시키면서 익명의 사용자를인증하는 방법
US11824986B2 (en) Device and method for protecting execution of a cryptographic operation
US11902432B2 (en) System and method to optimize generation of coprime numbers in cryptographic applications
US10348495B2 (en) Configurable crypto hardware engine
US11444760B2 (en) System, method, and apparatus for obfuscating device operations
WO2024086243A1 (en) Protection of polynomial cryptographic operations against side-channel attacks with change-of-variable transformations
RU2710670C2 (ru) Криптографическая система и способ
Döttling et al. David & goliath oblivious affine function evaluation-asymptotically optimal building blocks for universally composable two-party computation from a single untrusted stateful tamper-proof hardware token
US20140369493A1 (en) Method For Validating A Cryptographic Parameter And Corresponding Device
CN115378615A (zh) 协同签名方法、装置、电子设备及存储介质
CN114329632A (zh) 一种数字签名方法、装置、终端设备及存储介质
EP4033696A1 (de) Verfahren zur erzeugung von signaturen
US10790991B2 (en) Deterministic digital signature method without using a hash function
US20240281214A1 (en) Method for selecting a value amongst two values recorded in two different registers
US11029922B2 (en) Method for determining a modular inverse and associated cryptographic processing device

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

AS Assignment

Owner name: HUAWEI TECHNOLOGIES CO., LTD., CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ZHANG, QINGLONG;TANG, QIANYING;DAI, WANGCHEN;REEL/FRAME:059666/0843

Effective date: 20220419

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT RECEIVED

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE